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DETAILED ACTION 

1. Claims 1-14, 16, 18, and 20-23 are pending in this application and presented for 
examination. 

Continued Examination Under 37 CFR 1.114 

1. A request for continued examination under 37 CFR 1.114, including the fee set forth 
in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is 
eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 
1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn 
pursuant to 37 CFR 1.114. Applicant's submission filed on 4/16/08 has been entered. 

Response to Arguments 

3. Applicant's arguments with respect to the claims have been considered but are moot 
in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art 
are such that the subject matter as a whole would have been obvious at the time the invention was made to a 
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person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be 
negatived by the manner in which the invention was made. 

5. Claims 1-14, 16, 18, and 20-23 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Tripunitara et al. (Tripunitara), U.S. Patent No. 6,771,649 Bl, in view of 
what was well known in the art at the time of the invention, and further in view of 
Razzaghe-Ashrafi et al. (Razzaghe), U.S. Patent No. 6,202,169 Bl. 

6. As to claim 1, Tripunitara discloses a method of using a networking subsystem to 
prevent spoofing of an address resolution cache of the host computer (Col. 3, In. 3-14), the 
method comprising: 

said networking subsystem receiving an unsolicited message from a network that 
submits a new address resolution for a network protocol address (Col. 5, In. 33-35 and 53-55); 

said networking subsystem checking independently cached address resolution 
information associated with the host computer (Col. 2, In. 19-24; Col. 5, In. 34-46); 

in response to determining that cached address resolution information for said 
network protocol address has an old address resolution which differs from said new address 
resolution submitted by said unsolicited message (Col. 5, In. 51-53 and 65-67), said 
networking subsystem issuing a request for network elements having said network protocol 
address to reply with address resolution information (Col. 5, In. 46-55; Col. 6, In. 10-31) in 
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order to check the authenticity of the unsolicited message submitting the new address 
resolution for the network protocol address (Col. 3, In. 3-14; Col. 5, In. 31-33); 

in response to determining that no reply messages confirm that a network element 
has said old address resolution (Col. 5, In. 32-40), said networking subsystem permitting at 
least one message to pass onto said host computer which includes said new address resolution 
(Col. 5, In. 32-40); and 

in response to receiving a reply message that confirms a network element has said old 
address resolution (Col. 5, In. 46-55), said networking subsystem blocking at least one 
message which include said new address resolution from passing onto said host computer 
(Col. 5, In. 41-46); 

wherein said networking subsystem protects said host computer from spoofed address 
resolution messages (Col. 1, In. 19-31; Col. 2, In. 19-24). 

Tripunitara may be interpreted as disclosing a firewall, as a "dynamic packet filter" is 
shown in Fig. 2. However, Tripunitara does not use the term "firewall." Tripunitara is silent 
on a firewall being resident on the host computer. 

Official Notice (see MPEP 2144.03, Reliance on "Well Known" Prior Art) is taken that 
it was well known in the art to get the advantage of providing an extra layer of security for 
host computers without the need for installing an external component to act as a firewall by 
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using a local firewall. It was well known in the art to include the functions of a firewall on a 
host computer. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify the teachings of Tripunitara by using a local firewall to gain the 
advantage of this well known feature. 

Applicant has argued that Tripunitara does not truly disclose an unsolicited message 
being accepted when valid and instead simply blocks it. 

However, Razzaghe discloses in response to determining that cached address 
resolution information for said network protocol address has an old address resolution which 
differs from said new address resolution submitted by said unsolicited message (Abstract; Col. 
5, In. 25-33; Col. 9, In. 5-9), the unsolicited message submitting the new address resolution 
for the network protocol address (Abstract; Col. 5, In. 25-33; Col. 9, In. 5-9). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify the teachings of Tripunitara and what was well known in the art at the 
time of the invention by accepting unsolicited messages when valid as taught by Razzaghe in 
order to allow unsolicited, but valid ARP information to be implemented (Razzaghe: 
Abstract; Col. 5, In. 25-33; Col. 9, In. 5-9). 
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7. As to claim 2, Tripunitara, what was well known in the art, and Razzaghe disclose the 
invention substantially as in parent claim 1, including said network implements a LAN 
network running Internet Protocol using the Address Resolution Protocol (ARP) for 
resolving medium access control (MAC) addresses, and said address resolution cache is an 
ARP cache mapping IP addresses to MAC addresses (Tripunitara: Col. 3, In. 15-37). 

Tripunitara does not explicitly define the use of IPv4. However, Official Notice is 
taken that IPv4 was extremely well known in the art and the standard for IP 
communications in LAN and Internet communications. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify the teachings of Tripunitara by using the well known IPv4 in order to 
implement a pre-defined standard for network communications, for the purpose of 
maximizing the compatibility with other networking elements. 

8. As to claim 3, the claim is rejected for reasons similar to claim 2 above. IPv6 with 
Neighbor Discovery was extremely well known in the art. It would have been obvious to one 
of ordinary skill in the art at the time of the invention to modify the teachings of Tripunitara 
by using IPv6 with Neighbor Discovery in order to implement a pre-defined standard for 
network communications, for the purpose of maximizing the compatibility with other 
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networking elements, and in order to add the capacity for a greater number of host addresses 
and the greater security of IPv6. 

9. As to claims 4, 7-8, and 10-11, the claims are rejected for reasons similar to claim 1 
above. 

10. As to claims 5 and 13, the claims are rejected for reasons similar to claim 2 above. 

11. As to claims 6 and 14, the claims are rejected for reasons similar to claim 3 above. 

12. As to claim 9, Tripunitara, what was well known in the art, and Razzaghe disclose the 
invention substantially as in parent claim 4, including storing cache entries with a residency 
lifetime greater than in said address resolution cache (Tripunitara: Col. 5, In. 65 - Col. 6, In. 
3) of said host computer (Tripunitara: Col. 3, In. 3-14). 



13. 



As to claim 12, the claim is rejected for reasons similar to claim 9 above. 
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14. As to claims 16, 18, and 20, the claims are rejected for reasons similar to claim 1 
above. It is well known in the art to include the functions of a firewall on a host computer, 
and therefore, on the chipset of a host computer. 

15. As to claims 21-23, the claims are rejected for reasons similar to claim 9 above. 

Conclusion 

16. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Brian P. Whipple whose telephone number is (571)270-1244. 
The examiner can normally be reached on Mon-Fri (9:30 AM to 6:00 PM EST). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Bunjob Jaroenchonwanit can be reached on (571) 272-3913. The fax phone 
number for the organization where this application or proceeding is assigned is 571-273- 
8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status information 
for unpublished applications is available through Private PAIR only. For more information 
about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access 
to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 
(toll-free). If you would like assistance from a USPTO Customer Service Representative or 
access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 
571-272-1000. 
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